- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [X] Responsive to communication(s) filed on 03 July 2003.
2a) [ ] This action is FINAL. 2b) [X] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) [X] Claim(s) 1-36 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 1-36 is/are rejected.

7) [ ] Claim(s) is/are objected to.

8) [ ] Claim(s) are subject to restriction and/or election requirement.

Application Papers 

9) [ ] The specification is objected to by the Examiner.

10) [X] The drawing(s) filed on 03 July 2003 is/are: a) [X] accepted or b) [ ] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received.

DETAILED ACTION



Claims 1-26 have been examined. 

Information Disclosure Statement PTO-1449 

1. No Information Disclosure Statement was submitted by the applicant.

Claim Rejections - 35 USC § 102 



2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 

3. Claims 1 to 36 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Rowland (US Patent Application Publication No. 2002/0129264 A1, filed January 10,
2002). 

3.1. As per claim 1, Rowland is directed to a computer system comprising: a
processor; a memory storage unit; an operating system comprising a kernel, said kernel 
comprising a plurality of kernel modules, said kernel modules comprising signature 
information; and a kernel module signature verification system for verifying said kernel 
module signature information of each of said plurality of kernel modules as said plurality
of kernel modules are loaded into said kernel (paragraph 149 describes a Loadable 
Kernel Module Agent 1306, which is an agent looking for loadable kernels and verifies 
their validity. As shown in Fig. 13, item 1306 is one of the agents in the group of Mobile 
Autonomous Code (MAC) Security Agents. Another one of the MAC agents is Known 
Intrusion Agent 1305 (paragraph 148), which uses signatures to identify intrusions such 
as suspect loadable kernel modules). 

3.2. As per claim 2, Rowland is directed to the computer system of claim 1, wherein
said kernel module signature information is generated via a public key and a private key 
compilation in said kernel module (use of public and private keys to create a signature 
verification protocol is well-known in the art). 

3.3. As per claims 3 and 4, Rowland is directed to the computer system of claim 2, 
wherein said kernel module signature information comprises signature length data 
unique to each of said plurality of kernel modules, said signature length or size data 
used by said kernel module signature verification system in uniquely identifying each of 
said plurality of kernel modules (the signature verification process generates the 
signature of data and compares it with the signature. The generated signature and the 
signature must be identical, which means the length and size of the generated signature 
and the signature must also be identical).

3.4. As per claim 5, Rowland is directed to the computer system of claim 4, wherein
said kernel module signature verification system comprises a kernel cryptographic 
framework for verifying said kernel module signature information (paragraph 132). 

3.5. As per claim 6, Rowland is directed to the computer system of claim 5, wherein 
said kernel module signature verification system further comprises a kernel 
cryptographic framework daemon for performing verification lookup operations of 
signature information provided to said kernel cryptographic framework in said kernel 
(paragraph 153 shows use of system daemons to run a software process). 

3.6. As per claim 7, Rowland is directed to the computer system of claim 6, wherein 
said kernel cryptographic framework daemon further performs module verification of 
said plurality of kernel modules (see response to claim 6). 

3.7. As per claim 8, Rowland is directed to the computer system of claim 7, wherein 
said kernel cryptographic framework retrieves pathname information of said signature 
information for each of said plurality of kernel modules when said plurality of kernel 
modules attempt to load up to said kernel to perform cryptographic operations 
(retrieving the pathname information is part of a typical access process in a computer. 
When the signature is fetched from the memory to the cryptographic process, it is 
accessed by its pathname.)

3.8. As per claim 9, Rowland is directed to the computer system of claim 8, wherein
said kernel cryptographic framework comprises a cryptographic service provider 
registration unit for registering each of said plurality of kernel modules wishing to 
provide cryptographic services in said kernel (per paragraph 29, all agents and 
processes of Rowland register with a module that oversees their operation). 

3.9. As per claim 10, Rowland is directed to the computer system of claim 9, wherein 
said kernel cryptographic framework further comprises a intra-kernel communication 
unit for enabling communications between said kernel cryptographic framework and 
said kernel cryptographic framework daemon (paragraph 29 suggests a Master Control 
Process which is a communication unit allowing elements of the system to communicate 
with one another.). 

3.10. As per claim 11, Rowland is directed to the computer system of claim 10,
wherein said kernel cryptographic framework further comprises a data structure unit for
storing said kernel module signature information (Rowland agents have access to many
different kinds of data, including signature data. Use of data structures in computer
systems to provide data to processes is well-known in the art).

3.11. Limitations of claims 12-22, 25-33, 35 and 36 are substantially the same as 
claims 1-11 above.

3.12. As per claim 23, Rowland is directed to the computer operating system of claim
22, wherein said kernel cryptographic framework and said kernel cryptographic
framework daemon communicate via a plurality of input/output control commands 
(paragraphs 29-31 describe how handlers communicate with one another to exchange
messages. The messages contain commands to initiate the functionality of each 
handler). 

3.13. As per claim 24, Rowland is directed to the computer operating system of claim
23, wherein said input/output control commands comprise a door create command for
creating a plurality of cryptographic doors for enabling communication between said 
kernel cryptographic framework and said kernel cryptographic framework daemon 
(paragraph 87 discloses use of secured messaging between different elements of the 
system). 

3.14. As per claim 34, Rowland is directed to the method of claim 33, wherein said 
kernel cryptographic framework daemon verifies signature data contained in each of 
said plurality of kernel cryptographic modules after said requesting kernel module has 
registered with said kernel cryptographic framework (Rowland verifies validity of files, 
messages and other data using the signature handler (paragraphs 124-127). The
signature handler verifies signatures used by the Loadable Kernel Module Agent 1306, 
or Known Intrusion Agent 1305 to detect unauthorized Kernel modules).

Conclusion



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is 571 
272 3739. The examiner can normally be reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, can be reached on (571) 272-3799. The fax phone number
for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 



Farid Homayounmehr 




Examiner 



Art Unit: 2132 